Logging
Private Relay’s design, combined with a minimal logging policy, ensures that
proxy logs do not contain enough information to connect a user’s IP address
or account information with their browsing activity.
The information logged by Private Relay contains no unique identifiers and
is limited to the following, for the sole purpose of operating and improving
the service:
• Connection properties and performance metrics
• Network and region information derived from IP address
• Anonymous token validation success rate and performance
• Private Relay system resource usage
The following fields related to anonymous token issuance are logged as a part
of Private Relay’s fraud prevention and anti-abuse measures, but cannot be
correlated with connection information:
• iCloud account, software version, and request timestamp
Coverage and Compatibility
Private Relay is designed to be always-on and completely transparent,
protecting the user without any noticeable impact to their day-to-day
experience. However, there are some cases where Private Relay may not be
applicable, or the service may be unavailable, as detailed below. In these
instances, Private Relay is designed to provide clear status information and
control to the user, and provide appropriate controls to enterprises and network
operators that might require the ability to audit all traffic on their network.
Local and corporate network servers
Private Relay only protects connections on public internet servers, while still
allowing users to access local or private servers directly with Private Relay
enabled. This is great for accessing servers on a corporate network or
interacting with devices on the local network.
If a proxy or ODoH server detects that a specific server name is not a public
internet name, it instructs the device to try to access the server directly over
the local network. For added protection, the device will never allow direct
connections to names that are on the DuckDuckGo known tracker list.
Private Relay will not attempt to proxy traffic that the device knows is specific
to the local network, such as an IP address on the local subnet.
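The routing rules described in this section can be modeled as a small decision function. The following is an added example, not Apple's code: the subnet, the tracker entry, the suffix matching of tracker names, and all function and enum names are assumptions made for illustration, and the page does not say what the device does instead once a direct connection is denied.

```python
import ipaddress
from enum import Enum

class Route(Enum):
    RELAY = "relay"                  # sent through Private Relay
    DIRECT = "direct"                # accessed directly over the local network
    DIRECT_DENIED = "direct-denied"  # direct fallback not allowed

# Constructed sample data (assumptions, not real device state or the real list).
LOCAL_SUBNETS = [ipaddress.ip_network("192.168.1.0/24")]
TRACKER_LIST = {"tracker.example"}

def is_on_local_subnet(host, subnets=LOCAL_SUBNETS):
    """True only when host is an IP literal inside an attached subnet."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a server name, not an IP literal
    return any(addr in net for net in subnets)

def is_known_tracker(name, trackers=TRACKER_LIST):
    """Match the name or any parent domain (suffix matching is an assumption)."""
    labels = name.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in trackers for i in range(len(labels)))

def choose_route(host, proxy_says_not_public=False):
    """Decide how a connection to host is made.

    proxy_says_not_public models the proxy or ODoH server instructing the
    device to try the server directly because the name is not a public one.
    """
    if is_on_local_subnet(host):
        return Route.DIRECT         # device already knows it is local
    if not proxy_says_not_public:
        return Route.RELAY          # public internet name
    if is_known_tracker(host):
        return Route.DIRECT_DENIED  # a tracker name never gets a direct connection
    return Route.DIRECT             # private or corporate name

if __name__ == "__main__":
    for host, hint in [("192.168.1.20", False), ("example.com", False),
                       ("printer.corp.example", True),
                       ("cdn.tracker.example", True)]:
        print(host, hint, choose_route(host, hint).value)
```

The tracker check sits after the proxy's instruction on purpose: it is the guard that keeps a "not public" response from exposing the device's IP address to a listed tracker.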
Cellular services
Cellular services, such as Multimedia Messaging Service (MMS), telephony
services (XCAP), Entitlement Server access, tethering traffic, and Visual
Voicemail, do not use Private Relay. These services are always accessed directly.